SecHeaders 1.0
Download
Free Version
Publisher Description
An app that takes as an input some websites and then gathers, filter, visualize and generate statistics of their Security Headers. It's started as a mini-project for the course of "Mobile and Wireless Networks Security" at the Department of Information & Communication Systems Engineering, University of Aegean. So don't expect anything fancy lads. :bowtie: Also the project build with Android Studio IDE, if you want to you can import it to eclipse (needs to be converted).
The app will filter all headers to find the ones for security. Those will be filtered are 10 and mentioned above. :wink:
***Access Control Allow Origin - When Site A tries to fetch content from Site B, Site B can send an Access-Control Allow-Origin response header to tell the browser that the content of this page is accessible to certain origins.
***Content Security Policy (CSP) - Helps detect/prevent XSS, mixed-content, and other classes of attack. CSP 1.1 Specification.
***Cross Domain Meta Policy - Tells Flash and PDF files which Cross Domain Policy files found on your site can be obeyed; yes, it's a policy about other policies!
Server Information - Who has a need to know what type of server you're running?
***UTF-8 Character Encoding - Minimizing the likelihood that malicious character conversion could happen.
***X-Frame-Options (XFO) - Prevents your content from being framed and potentially clickjacked. X-Frame-Options draft.
***X-Powered-By - Who has a need to know what software version you're running?
***X-XSS-Protection - Cross site scripting heuristic filter for IE/Chrome.
***X-Content-Type-Options - Prevent content type sniffing "NoSniff".
***X-Download-Options - Prevent file downloads opening.
***HTTP Strict Transport Security (HSTS) - Ensures the browser never visits the http version of a website. Protects SSLStrip/Firesheep attacks. HSTS Specification
***Secure Cookies - Ensure that the server knows the client. Checking the use of Set-Cookie2 along to the insecure Set-Cookie.
***X-Pingback - Header for blogs, a url that allows other sites that link to that site/site's article to tell the site that it did link to that site. Before adding it, used for DDOS attacks.
P3P - Header for Platform for Privacy Preferences.
About SecHeaders
SecHeaders is a free app for Android published in the System Maintenance list of apps, part of System Utilities.
The company that develops SecHeaders is Rambou. The latest version released by its developer is 1.0.
To install SecHeaders on your Android device, just click the green Continue To App button above to start the installation process. The app is listed on our website since 2015-06-06 and was downloaded 10 times. We have already checked if the download link is safe, however for your own protection we recommend that you scan the downloaded app with your antivirus. Your antivirus may detect the SecHeaders as malware as malware if the download link to gr.rambou.secheader is broken.
How to install SecHeaders on your Android device:
- Click on the Continue To App button on our website. This will redirect you to Google Play.
- Once the SecHeaders is shown in the Google Play listing of your Android device, you can start its download and installation. Tap on the Install button located below the search bar and to the right of the app icon.
- A pop-up window with the permissions required by SecHeaders will be shown. Click on Accept to continue the process.
- SecHeaders will be downloaded onto your device, displaying a progress. Once the download completes, the installation will start and you'll get a notification after the installation is finished.
